<?php

use App\Http\Controllers\Api\Admin\AdminController;
use App\Http\Controllers\Api\Admin\PermissionController;
use App\Http\Controllers\Api\Admin\RoleController;
use App\Http\Controllers\Api\Auth\AuthController;
use Illuminate\Support\Facades\Route;

/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider and all of them will
| be assigned to the "api" middleware group. Make something great!
|
*/

// 不需要认证的路由
Route::prefix('auth')->group(function () {
    Route::post('login', [AuthController::class, 'login'])->name('api.auth.login');
});

// 需要认证的路由
Route::middleware(['auth:sanctum'])->group(function () {
    // 认证相关
    Route::prefix('auth')->group(function () {
        Route::post('logout', [AuthController::class, 'logout'])->name('api.auth.logout');
        Route::get('me', [AuthController::class, 'me'])->name('api.auth.me');
    });

    // 管理员管理
    Route::apiResource('admins', AdminController::class)->middleware('can:manage_admins');
    // 角色管理
    Route::apiResource('roles', RoleController::class)->middleware('can:manage_roles');
    Route::post('roles/{role}/assign-permissions', [RoleController::class, 'assignPermissions'])
        ->name('roles.assign-permissions')
        ->middleware('can:manage_roles');

    // 权限管理
    Route::apiResource('permissions', PermissionController::class)->middleware('can:manage_permissions');
});
